VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Volume
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2014-12-19 18:18:23 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2014-12-19 18:41:41 +0100
commit07156b6c09165cf61a6bd499d26151d1f32bf3a9 (patch)
tree165e39c03eaff470c42ef8e3af8f2c3de03b6465 /src/Volume
parent18dc75ee629c5f7af61bf8393dbb693cdd78b235 (diff)
downloadVeraCrypt-07156b6c09165cf61a6bd499d26151d1f32bf3a9.tar.gz
VeraCrypt-07156b6c09165cf61a6bd499d26151d1f32bf3a9.zip
Linux/MacOSX: Enhance performance by implementing the possibility to choose the correct hash algorithm of volumes during various operations (mount, change password...), both using the GUI and the command line.
Diffstat (limited to 'src/Volume')
-rw-r--r--src/Volume/Pkcs5Kdf.h7
-rwxr-xr-x[-rw-r--r--]src/Volume/Volume.cpp12
-rwxr-xr-x[-rw-r--r--]src/Volume/Volume.h4
-rwxr-xr-x[-rw-r--r--]src/Volume/VolumeHeader.cpp5
-rwxr-xr-x[-rw-r--r--]src/Volume/VolumeHeader.h2
5 files changed, 20 insertions, 10 deletions
diff --git a/src/Volume/Pkcs5Kdf.h b/src/Volume/Pkcs5Kdf.h
index 8618bb97..19267b0f 100644
--- a/src/Volume/Pkcs5Kdf.h
+++ b/src/Volume/Pkcs5Kdf.h
@@ -31,6 +31,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const = 0;
virtual int GetIterationCount () const = 0;
virtual wstring GetName () const = 0;
+ virtual Pkcs5Kdf* Clone () const = 0;
virtual bool IsDeprecated () const { return GetHash()->IsDeprecated(); }
protected:
@@ -53,6 +54,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
virtual int GetIterationCount () const { return 655331; }
virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160(); }
private:
Pkcs5HmacRipemd160 (const Pkcs5HmacRipemd160 &);
@@ -69,6 +71,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
virtual int GetIterationCount () const { return 327661; }
virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160_1000(); }
private:
Pkcs5HmacRipemd160_1000 (const Pkcs5HmacRipemd160_1000 &);
@@ -85,6 +88,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); }
virtual int GetIterationCount () const { return 200000; }
virtual wstring GetName () const { return L"HMAC-SHA-256"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256_Boot(); }
private:
Pkcs5HmacSha256_Boot (const Pkcs5HmacSha256_Boot &);
@@ -101,6 +105,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); }
virtual int GetIterationCount () const { return 500000; }
virtual wstring GetName () const { return L"HMAC-SHA-256"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256(); }
private:
Pkcs5HmacSha256 (const Pkcs5HmacSha256 &);
@@ -117,6 +122,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha512); }
virtual int GetIterationCount () const { return 500000; }
virtual wstring GetName () const { return L"HMAC-SHA-512"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha512(); }
private:
Pkcs5HmacSha512 (const Pkcs5HmacSha512 &);
@@ -133,6 +139,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Whirlpool); }
virtual int GetIterationCount () const { return 500000; }
virtual wstring GetName () const { return L"HMAC-Whirlpool"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacWhirlpool; }
private:
Pkcs5HmacWhirlpool (const Pkcs5HmacWhirlpool &);
diff --git a/src/Volume/Volume.cpp b/src/Volume/Volume.cpp
index 2c319ad9..12bc9a14 100644..100755
--- a/src/Volume/Volume.cpp
+++ b/src/Volume/Volume.cpp
@@ -62,7 +62,7 @@ namespace VeraCrypt
return EA->GetMode();
}
- void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
+ void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
{
make_shared_auto (File, file);
@@ -93,10 +93,10 @@ namespace VeraCrypt
throw;
}
- return Open (file, password, keyfiles, protection, protectionPassword, protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
+ return Open (file, password, kdf, keyfiles, protection, protectionPassword, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
}
- void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
+ void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
{
if (!volumeFile)
throw ParameterIncorrect (SRC_POS);
@@ -189,7 +189,7 @@ namespace VeraCrypt
shared_ptr <VolumeHeader> header = layout->GetHeader();
- if (header->Decrypt (headerBuffer, *passwordKey, layout->GetSupportedKeyDerivationFunctions(), layoutEncryptionAlgorithms, layoutEncryptionModes))
+ if (header->Decrypt (headerBuffer, *passwordKey, kdf, layout->GetSupportedKeyDerivationFunctions(), layoutEncryptionAlgorithms, layoutEncryptionModes))
{
// Header decrypted
@@ -238,9 +238,9 @@ namespace VeraCrypt
Volume protectedVolume;
protectedVolume.Open (VolumeFile,
- protectionPassword, protectionKeyfiles,
+ protectionPassword, protectionKdf, protectionKeyfiles,
VolumeProtection::ReadOnly,
- shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> (),
+ shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> (),
VolumeType::Hidden,
useBackupHeaders);
diff --git a/src/Volume/Volume.h b/src/Volume/Volume.h
index dce2aa3b..dcc6eb01 100644..100755
--- a/src/Volume/Volume.h
+++ b/src/Volume/Volume.h
@@ -89,8 +89,8 @@ namespace VeraCrypt
uint64 GetVolumeCreationTime () const { return Header->GetVolumeCreationTime(); }
bool IsHiddenVolumeProtectionTriggered () const { return HiddenVolumeProtectionTriggered; }
bool IsInSystemEncryptionScope () const { return SystemEncryption; }
- void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
- void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
+ void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
+ void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
void ReadSectors (const BufferPtr &buffer, uint64 byteOffset);
void ReEncryptHeader (bool backupHeader, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
void WriteSectors (const ConstBufferPtr &buffer, uint64 byteOffset);
diff --git a/src/Volume/VolumeHeader.cpp b/src/Volume/VolumeHeader.cpp
index e7a47d29..fbdece50 100644..100755
--- a/src/Volume/VolumeHeader.cpp
+++ b/src/Volume/VolumeHeader.cpp
@@ -78,7 +78,7 @@ namespace VeraCrypt
EncryptNew (headerBuffer, options.Salt, options.HeaderKey, options.Kdf);
}
- bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
+ bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
{
if (password.Size() < 1)
throw PasswordEmpty (SRC_POS);
@@ -89,6 +89,9 @@ namespace VeraCrypt
foreach (shared_ptr <Pkcs5Kdf> pkcs5, keyDerivationFunctions)
{
+ if (kdf && (kdf->GetName() != pkcs5->GetName()))
+ continue;
+
pkcs5->DeriveKey (headerKey, password, salt);
foreach (shared_ptr <EncryptionMode> mode, encryptionModes)
diff --git a/src/Volume/VolumeHeader.h b/src/Volume/VolumeHeader.h
index 8ce56fd8..cb567f22 100644..100755
--- a/src/Volume/VolumeHeader.h
+++ b/src/Volume/VolumeHeader.h
@@ -56,7 +56,7 @@ namespace VeraCrypt
virtual ~VolumeHeader ();
void Create (const BufferPtr &headerBuffer, VolumeHeaderCreationOptions &options);
- bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes);
+ bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes);
void EncryptNew (const BufferPtr &newHeaderBuffer, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
uint64 GetEncryptedAreaStart () const { return EncryptedAreaStart; }
uint64 GetEncryptedAreaLength () const { return EncryptedAreaLength; }